Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/VTVqoLUsvAxh1QYppQN8QluajOw.roa
File: VTVqoLUsvAxh1QYppQN8QluajOw.roa (raw, json)
Hash identifier: 5iRe/X4w8h7XEocww8YhpbLX6aTpxIelwU/zqlbUzf0=
Subject key identifier: 55:35:6A:A0:B5:2C:BC:0C:61:D5:06:29:A5:03:7C:42:5B:9A:8C:EC
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 025F7419
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/VTVqoLUsvAxh1QYppQN8QluajOw.roa
Signing time: Sat 01 Jan 2022 11:01:44 +0000
ROA not before: Sat 01 Jan 2022 11:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211604
IP address blocks: 2a05:4140:7::/48 maxlen: 48
2a05:4140:375::/48 maxlen: 48
2a05:4140:335::/48 maxlen: 48
2a05:4140:10::/48 maxlen: 48
2a05:4140:8::/48 maxlen: 48
2a05:4140:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39810073 (0x25f7419)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 11:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55356aa0b52cbc0c61d50629a5037c425b9a8cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:89:f9:3a:49:c1:8e:8f:da:b7:f6:57:61:
d7:e6:d6:bb:68:69:28:28:05:b0:a1:ac:83:e8:92:
51:cc:6d:9e:26:f3:7c:b9:03:b6:8f:89:70:22:f7:
4f:4d:df:b1:73:57:4d:44:5e:49:81:cf:9e:e0:10:
ae:98:da:f1:c8:2c:90:51:4d:40:ad:00:1e:ca:db:
02:d9:2e:83:9b:61:38:76:dc:d5:d6:60:c2:fa:44:
67:f7:b8:9b:db:5d:61:65:21:7d:22:cf:18:c4:2c:
03:0e:2b:a1:ad:db:cf:93:51:04:ad:b5:c4:81:6a:
29:e6:18:f4:e1:a2:a2:22:07:84:49:3b:0f:d5:27:
4c:9e:ae:be:09:6b:6c:99:31:04:84:d8:7e:3a:47:
89:af:bd:65:7c:29:d1:07:fb:34:62:99:a2:c9:37:
f9:ae:ca:79:2e:61:6a:61:50:c2:5e:da:cb:56:18:
46:59:7b:d9:58:fe:14:a2:7e:5e:92:57:c1:61:8f:
fe:62:24:4f:10:30:26:0b:bc:60:d8:8d:db:02:19:
45:a6:3e:bd:a6:23:90:c0:91:76:76:67:3b:43:8c:
d3:d0:c5:03:1e:96:40:50:4e:1d:5f:21:9a:f7:09:
47:9f:c8:75:9d:16:f0:3b:63:7b:cd:2c:bc:f1:29:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:35:6A:A0:B5:2C:BC:0C:61:D5:06:29:A5:03:7C:42:5B:9A:8C:EC
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/VTVqoLUsvAxh1QYppQN8QluajOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:7::-2a05:4140:9:ffff:ffff:ffff:ffff:ffff
2a05:4140:10::/48
2a05:4140:335::/48
2a05:4140:375::/48
Signature Algorithm: sha256WithRSAEncryption
19:26:51:58:69:6d:26:28:dd:0c:b1:d9:b1:c6:10:18:40:ff:
c7:a3:09:86:da:d6:ec:89:52:54:5c:77:de:03:59:db:b7:12:
dc:ae:8c:6a:3a:d4:21:78:33:6a:f0:65:29:aa:4b:47:34:fb:
7b:4d:54:ee:ec:f2:b9:ca:b7:56:57:63:65:df:d7:cf:5e:89:
74:36:32:35:b4:97:f1:e1:5a:58:8e:90:87:e5:0b:7f:54:e5:
2a:1a:6d:fe:f1:7f:ea:71:81:96:a7:61:19:5e:6d:8c:ba:9e:
23:2e:c3:6b:4c:d5:57:8d:a1:9a:ea:7a:30:46:a1:f0:bf:cd:
56:95:98:ee:55:36:b1:c0:cd:85:c7:52:53:18:31:73:58:6a:
48:d5:39:c1:c1:29:5f:db:c3:ba:cf:d0:d8:cc:be:a8:d7:64:
21:07:b2:b2:d5:60:f8:21:29:51:ea:ac:41:cc:f8:d3:5b:6a:
f2:91:1e:2f:f9:e2:0b:2e:95:51:d5:c7:37:16:19:45:c7:0d:
84:85:80:19:a6:63:a7:44:d1:67:1e:51:93:8b:60:b3:30:a3:
51:de:93:58:ff:98:1c:4f:7a:f7:4d:d4:ac:5a:0d:93:b2:da:
31:69:2c:2c:4a:52:4c:c1:41:a6:a9:6a:3d:8d:aa:62:2d:38:
a8:31:54:2f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEAl90GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDEw
MTExMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTUzNTZhYTBiNTJj
YmMwYzYxZDUwNjI5YTUwMzdjNDI1YjlhOGNlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/sifk6ScGOj9q39ldh1+bWu2hpKCgFsKGsg+iSUcxtnibz
fLkDto+JcCL3T03fsXNXTUReSYHPnuAQrpja8cgskFFNQK0AHsrbAtkug5thOHbc
1dZgwvpEZ/e4m9tdYWUhfSLPGMQsAw4roa3bz5NRBK21xIFqKeYY9OGioiIHhEk7
D9UnTJ6uvglrbJkxBITYfjpHia+9ZXwp0Qf7NGKZosk3+a7KeS5hamFQwl7ay1YY
Rll72Vj+FKJ+XpJXwWGP/mIkTxAwJgu8YNiN2wIZRaY+vaYjkMCRdnZnO0OM09DF
Ax6WQFBOHV8hmvcJR5/IdZ0W8Dtje80svPEpuV0CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRVNWqgtSy8DGHVBimlA3xCW5qM7DAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
L1ZUVnFvTFVzdkF4aDFRWXBwUU44UWx1YWpPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLzASAwcAKgVBQAAHAwcBKgVBQAAIAwcA
KgVBQAAQAwcAKgVBQAM1AwcAKgVBQAN1MA0GCSqGSIb3DQEBCwUAA4IBAQAZJlFY
aW0mKN0MsdmxxhAYQP/HowmG2tbsiVJUXHfeA1nbtxLcroxqOtQheDNq8GUpqktH
NPt7TVTu7PK5yrdWV2Nl39fPXol0NjI1tJfx4VpYjpCH5Qt/VOUqGm3+8X/qcYGW
p2EZXm2Mup4jLsNrTNVXjaGa6nowRqHwv81WlZjuVTaxwM2Fx1JTGDFzWGpI1TnB
wSlf28O6z9DYzL6o12QhB7Ky1WD4ISlR6qxBzPjTW2rykR4v+eILLpVR1cc3FhlF
xw2EhYAZpmOnRNFnHlGTi2CzMKNR3pNY/5gcT3r3TdSsWg2TstoxaSwsSlJMwUGm
qWo9japiLTioMVQv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org